If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Linux distro for security refresher on eeePC 701

Hi all,

I've been out of the security thing for about 5 years, and I know I need to learn some new tricks. I've got an eeePC 701 netbook with a 4GB hard SSD that I'd like to set up as a general security testing tool. Any recommendations on a Linux distro? My key needs (in order of importance) are:

1) Security testing focus
2) Lightweight

I figure if I need more space, I can always add an SDHC card to beef it up.

\"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward.\"
Phillip Toshio Sudo, Zen Computer
Have faith, but lock your door.

1. BackTrack
The newest contender on the block of course is BackTrack, which we have spoken about previously. An innovative merge between WHax and Auditor (WHax formely WHoppix).
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions Whax and Auditor, combining the best features from both distributions, and paying special attention to small details, this is probably the best version of either distributions to ever come out.
Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.Get BackTrack Here.2. Operator
Operator is a very fully featured LiveCD totally oriented around network security (with open source tools of course).
Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.Get Operator Here3. PHLAK
PHLAK or [P]rofessional [H]ackerís [L]inux [A]ssault [K]it is a modular live security Linux distribution (a.k.a LiveCD). PHLAK comes with two light guiís (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf.
Mainly based around Penetration Testing, PHLAK is a must have for any pro hacker/pen-tester.Get PHLAK Here (You can find a PHLAK Mirror Here as the page often seems be down).4. Auditor
Auditor although now underway merging with WHax is still an excellent choice.
The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier.Get Auditor Here5. L.A.S Linux
L.A.S Linux or Local Area Security has been around quite some time aswell, although development has been a bit slow lately itís still a useful CD to have. It has always aimed to fit on a MiniCD (180MB).
Local Area Security Linux is a ĎLive CDí distribution with a strong emphasis on security tools and small footprint. We currently have 2 different versions of L.A.S. to fit two specific needs Ė MAIN and SECSERV. This project is released under the terms of GPL.Get L.A.S Linux Here6. Knoppix-STD
Horrible name I know! But itís not a sexually trasmitted disease, trust me.
STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. Itís a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.Get Knoppix-STD Here7. Helix
Helix is more on the forensics and incident response side than the networking or pen-testing side. Still a very useful tool to carry.
Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.Get Helix Here8. F.I.R.E
A little out of date, but still considered the strongest bootable forensics solution (of the open-source kind). Also has a few pen-testing tools on it.
FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.Get F.I.R.E Here9. nUbuntu
nUbuntu or Network Ubuntu is fairly much a newcomer in the LiveCD arena as Ubuntu, on which it is based, is pretty new itself.
The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome, Openoffice.org, and Evolution. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience.Get nUbuntu Here10. INSERT Rescue Security Toolkit
A strong all around contender with no particular focus on any area (has network analysis, disaster recovery, antivirus, forensics and so-on).
INSERT is a complete, bootable linux system. It comes with a graphical user interface running the fluxbox window manager while still being sufficiently small to fit on a credit card-sized CD-ROM.
The current version is based on Linux kernel 2.6.12.5 and Knoppix 4.0.2Get INSERT HereExtra Ė Knoppix
Remember this is the innovator and pretty much the basis of all these other distros, so check it out and keep a copy on you at all times!
Not strictly a security distro, but definately the most streamlined and smooth LiveCD distribution. The new version (soon to be released Ė Knoppix 5) has seamless NTFS writing enabled with libntfs+fuse.
KNOPPIX is a bootable CD or DVD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a productive Linux desktop, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk.Get Knoppix Here

Thanks everyone! I had come across the list that HYBR|D posted (thanks to Google), but it seemed rather out-of-date. My other thought was, while all these distros look interesting, I was curious if anyone knows if one in particular runs ok on an eeePC 701 (which is a relatively old netbook). Ah well, experiment time!

\"The future stretches out before us, uncharted. Find the open road and look back with a sense of wonder. How pregnant this moment in time. How mysterious the path ahead. Now, step forward.\"
Phillip Toshio Sudo, Zen Computer
Have faith, but lock your door.

Well for the most part; Linux and BSD, and really, ANY Unix based OS, are gonna have pretty good system support when it comes to running on older hardware.

I mean, any of those things you choose to use, are probably gonna work just fine.

There are some that have more tools than others, and as Coffee Cup / Hybrid pointed out, there's quite a few.

I've personally used Backtrack multiple times. Also, some are geared in different directions; Like some may be used mainly for Forensic stuff, and some might be used more for Penetration Testing.

The one I linked to, BackBox, seems to have a decent amount of tools in general.

I do feel I should at least point out that any Linux distro, has the chance to do this.

There used to be a distro called "I-Slack" but they renamed their project NetSec L, which is basically Slackware Linux, but with a Security minded Package Selection.

I don't even know if it's still around or not, but look into that too. I used to install it on machines here all the time. It's one of th few that came with not only Hping, but Hydra as well.

Hping and Hydra, along with IPSorcery, are some of the better tools out there.

I'll also point out that FreeBSD, has a LOT of Security Tools. Both FreeBSD Ports, and FreeBSD Packages, have multiple Security tools you can use. FreeBSD has a BUNCH of Security Tools available to it.